OpenSSL

OpenSSL

300 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 4.04%
  • Veröffentlicht 27.01.2012 00:55:01
  • Zuletzt bearbeitet 16.06.2026 23:34:49

crypto/bn/bn_nist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 ...

  • EPSS 13.86%
  • Veröffentlicht 19.01.2012 19:55:01
  • Zuletzt bearbeitet 16.06.2026 23:36:34

OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an out-of-bounds read. NOTE: this vulnerability exists because of an incorre...

  • EPSS 16.65%
  • Veröffentlicht 06.01.2012 01:55:01
  • Zuletzt bearbeitet 16.06.2026 23:35:09

The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.

  • EPSS 4.99%
  • Veröffentlicht 06.01.2012 01:55:01
  • Zuletzt bearbeitet 16.06.2026 23:36:31

The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid parameters for the GOST block cipher, which allows remote attackers to cause a denial of service (daemon crash) via crafted data from a TLS client.

  • EPSS 15.76%
  • Veröffentlicht 06.01.2012 01:55:00
  • Zuletzt bearbeitet 16.06.2026 23:34:26

The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack.

  • EPSS 17.69%
  • Veröffentlicht 06.01.2012 01:55:00
  • Zuletzt bearbeitet 16.06.2026 23:34:26

Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check.

  • EPSS 14.52%
  • Veröffentlicht 06.01.2012 01:55:00
  • Zuletzt bearbeitet 16.06.2026 23:35:04

The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by...

  • EPSS 9.33%
  • Veröffentlicht 06.01.2012 01:55:00
  • Zuletzt bearbeitet 16.06.2026 23:35:04

OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with (1) IP address bloc...

  • EPSS 5.01%
  • Veröffentlicht 22.09.2011 10:55:03
  • Zuletzt bearbeitet 16.06.2026 23:32:52

crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past.

  • EPSS 4.56%
  • Veröffentlicht 22.09.2011 10:55:03
  • Zuletzt bearbeitet 16.06.2026 23:32:53

The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through 0.9.8r and 1.0.x before 1.0.0e does not ensure thread safety during processing of handshake messages from clients, which allows remote attackers to cause a denial of service (daemo...